runcon.c 4.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137
  1. /*
  2. * runcon [ context |
  3. * ( [ -c ] [ -r role ] [-t type] [ -u user ] [ -l levelrange ] )
  4. * command [arg1 [arg2 ...] ]
  5. *
  6. * attempt to run the specified command with the specified context.
  7. *
  8. * -r role : use the current context with the specified role
  9. * -t type : use the current context with the specified type
  10. * -u user : use the current context with the specified user
  11. * -l level : use the current context with the specified level range
  12. * -c : compute process transition context before modifying
  13. *
  14. * Contexts are interpreted as follows:
  15. *
  16. * Number of MLS
  17. * components system?
  18. *
  19. * 1 - type
  20. * 2 - role:type
  21. * 3 Y role:type:range
  22. * 3 N user:role:type
  23. * 4 Y user:role:type:range
  24. * 4 N error
  25. *
  26. * Port to busybox: KaiGai Kohei <kaigai@kaigai.gr.jp>
  27. * - based on coreutils-5.97 (in Fedora Core 6)
  28. *
  29. * Licensed under GPLv2, see file LICENSE in this source tree.
  30. */
  31. #include <getopt.h>
  32. #include <selinux/context.h>
  33. #include <selinux/flask.h>
  34. #include "libbb.h"
  35. static context_t runcon_compute_new_context(char *user, char *role, char *type, char *range,
  36. char *command, int compute_trans)
  37. {
  38. context_t con;
  39. security_context_t cur_context;
  40. if (getcon(&cur_context))
  41. bb_error_msg_and_die("can't get current context");
  42. if (compute_trans) {
  43. security_context_t file_context, new_context;
  44. if (getfilecon(command, &file_context) < 0)
  45. bb_error_msg_and_die("can't retrieve attributes of '%s'",
  46. command);
  47. if (security_compute_create(cur_context, file_context,
  48. SECCLASS_PROCESS, &new_context))
  49. bb_error_msg_and_die("unable to compute a new context");
  50. cur_context = new_context;
  51. }
  52. con = context_new(cur_context);
  53. if (!con)
  54. bb_error_msg_and_die("'%s' is not a valid context", cur_context);
  55. if (user && context_user_set(con, user))
  56. bb_error_msg_and_die("can't set new user '%s'", user);
  57. if (type && context_type_set(con, type))
  58. bb_error_msg_and_die("can't set new type '%s'", type);
  59. if (range && context_range_set(con, range))
  60. bb_error_msg_and_die("can't set new range '%s'", range);
  61. if (role && context_role_set(con, role))
  62. bb_error_msg_and_die("can't set new role '%s'", role);
  63. return con;
  64. }
  65. #if ENABLE_FEATURE_RUNCON_LONG_OPTIONS
  66. static const char runcon_longopts[] ALIGN1 =
  67. "user\0" Required_argument "u"
  68. "role\0" Required_argument "r"
  69. "type\0" Required_argument "t"
  70. "range\0" Required_argument "l"
  71. "compute\0" No_argument "c"
  72. "help\0" No_argument "h"
  73. ;
  74. #endif
  75. #define OPTS_ROLE (1<<0) /* r */
  76. #define OPTS_TYPE (1<<1) /* t */
  77. #define OPTS_USER (1<<2) /* u */
  78. #define OPTS_RANGE (1<<3) /* l */
  79. #define OPTS_COMPUTE (1<<4) /* c */
  80. #define OPTS_HELP (1<<5) /* h */
  81. #define OPTS_CONTEXT_COMPONENT (OPTS_ROLE | OPTS_TYPE | OPTS_USER | OPTS_RANGE)
  82. int runcon_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
  83. int runcon_main(int argc UNUSED_PARAM, char **argv)
  84. {
  85. char *role = NULL;
  86. char *range = NULL;
  87. char *user = NULL;
  88. char *type = NULL;
  89. char *context = NULL;
  90. unsigned opts;
  91. context_t con;
  92. selinux_or_die();
  93. #if ENABLE_FEATURE_RUNCON_LONG_OPTIONS
  94. applet_long_options = runcon_longopts;
  95. #endif
  96. opt_complementary = "-1";
  97. opts = getopt32(argv, "r:t:u:l:ch", &role, &type, &user, &range);
  98. argv += optind;
  99. if (!(opts & OPTS_CONTEXT_COMPONENT)) {
  100. context = *argv++;
  101. if (!argv[0])
  102. bb_error_msg_and_die("no command given");
  103. }
  104. if (context) {
  105. con = context_new(context);
  106. if (!con)
  107. bb_error_msg_and_die("'%s' is not a valid context", context);
  108. } else {
  109. con = runcon_compute_new_context(user, role, type, range,
  110. argv[0], opts & OPTS_COMPUTE);
  111. }
  112. if (security_check_context(context_str(con)))
  113. bb_error_msg_and_die("'%s' is not a valid context",
  114. context_str(con));
  115. if (setexeccon(context_str(con)))
  116. bb_error_msg_and_die("can't set up security context '%s'",
  117. context_str(con));
  118. execvp(argv[0], argv);
  119. bb_perror_msg_and_die("can't execute '%s'", argv[0]);
  120. }